unable to insert into database using msqli_query

Question

I am retreiving the contents form an array and adding them in to the variables.(The variables are not empty, I have checked using echo). I am trying to return success in JSON if my contents are added into the database but im unable to do so.I am getting the result as false.

The $con is created correctly and is also working perfectly for a "select" query on this connection just before this part of code displayed below.I have added the $con statement below just for better understanding.

$con = mysqli_connect($mysql_host, $mysql_user, $mysql_password, $mysql_database) or die(mysql_error());
$id=$record["id"];
$caller=$record["caller"];
$receiver=$record["receiver"];
$mapurl=$record["mapurl"];
$timestamp=$record["timestamp"];
$res=mysqli_query($con,"INSERT INTO call (id,caller,receiver,mapurl,timestamp) VALUES  ('$id','$caller','$receiver','$mapurl','$timestamp')");
if ($res) {
$response["success"] = 1;
$response["message"] = "Added the Values in the Database";
echo json_encode($response); 
}
else{
$response["success"] = 0;
$response["message"] = "Insert Not Successful";
echo json_encode($response);
}

My Output :

{"success":0,"message":"Insert Not Successful"}

My Database Structure :

(I am unable to post the image here as i have low reputation and one needs 10 reputation to do so)

MySQL
Table name: call

Columns - Datatypes
id - int(255)
caller - text
receiver - text
mapurl - text
timestamp - text

possible duplicate of [Creating table names that are reserved words/keywords in MS SQL Server](http://stackoverflow.com/questions/695578/creating-table-names-that-are-reserved-words-keywords-in-ms-sql-server) — Rizier123, Nov 29 '14 at 18:31

score 2 · Accepted Answer · edited May 23 '17 at 12:12

call is a MySQL reserved word

http://dev.mysql.com/doc/refman/5.5/en/reserved-words.html

either name it to something else or wrap it in ticks

INSERT INTO `call` ...

using or die(mysqli_error($con)) to mysqli_query() would have signaled an error.

A quick FYI: call is a word which is used for stored procedures:

http://dev.mysql.com/doc/refman/5.5/en/call.html

"The CALL statement invokes a stored procedure that was defined previously with CREATE PROCEDURE."

which is why you should be using ticks around the table name, or name it to "calls".

Sidenote:

Your present code is open to SQL injection. Use prepared statements, or PDO with prepared statements, they're much safer.

score 0 · Answer 2 · answered Nov 29 '14 at 18:40

0

I think it is only a typo, you wrote: $timpestamp=$record["timestamp"]; instead of $timestamp and as Fred -ii- said, call is a MySQL reserved word.

answered Nov 29 '14 at 18:40

dinhokz

895
15
36

I'm thinking OP may be taking `$record` somewhere that hasn't posted, in how it's being populated. Notice how they all start with `$record`. – Funk Forty Niner Nov 29 '14 at 18:43

unable to insert into database using msqli_query

2 Answers2